Abstract: Disclosed is a key negotiation method including that a network entity generates an MTC communication key between an MTC device or an MTC application and a network by utilizing a key distribution algorithm for MTC communication according to a root key for the MTC communication maintained by the network entity. The network entity generates an MTC group key by utilizing a key distribution algorithm for MTC group communication according to the root key. The network entity issues the generated MTC communication key and the generated MTC group key to the MTC device or the MTC application via a secure method so as to allow the MTC device or the MTC application to securely store the MTC communication key and the MTC group key. Also disclosed are a network entity, a key negotiation system and a computer storage medium.

Abstract: The present disclosure discloses a method and system for triggering a Machine Type Communication MTC device. The method includes that: an MTC server sends a Bootstrapping Server Function entity BSF a request message including information on a GBA-PUSH Information GPI request and information on a triggering request; the BSF generates GPI and adds parametric information of a triggering instruction in the GPI according to the information on the triggering request through a GPI request processing flow, and sends the GPI including the parametric information of the triggering instruction to the MTC server; the MTC server sends the GPI including the parametric information of the triggering instruction to an MTC device to be triggered; and the MTC device is triggered according to the parametric information of the triggering instruction in the received GPI.

Abstract: Disclosed are a method for protecting a machine type communication device, a network entity, and a machine type communication (MTC) device service capability opening functional entity. The method comprises: after a network entity authenticates an external application, establish a security association between the external application and an MTC device according to a preset rule; and the network entity sends the security association between the external application and the MTC device to the corresponding MTC device, so as to determine, by means of the security association between the external application and the MTC device, the MTC device that can be accessed by the external application under authorization.

Abstract: Disclosed is a key negotiation method including that a network entity generates an MTC communication key between an MTC device or an MTC application and a network by utilizing a key distribution algorithm for MTC communication according to a root key for the MTC communication maintained by the network entity. The network entity generates an MTC group key by utilizing a key distribution algorithm for MTC group communication according to the root key. The network entity issues the generated MTC communication key and the generated MTC group key to the MTC device or the MTC application via a secure method so as to allow the MTC device or the MTC application to securely store the MTC communication key and the MTC group key. Also disclosed are a network entity, a key negotiation system and a computer storage medium.

Abstract: Disclosed is a method for managing a device-to-device (D2D) communication group. The method comprises: a network side device establishes a D2D communication group, and delivers a shared key generated for the D2D communication group to all the devices in the D2D communication group, the shared key being used for D2D communication of all the devices; and the network side device determines that the D2D communication group terminates the D2D communication, and deletes the D2D communication group and the shared key. Also disclosed are a device and a computer storage medium.

Abstract: Disclosed is a method for secure transmission of small data of a machine type communication (MTC) device group, comprising a process wherein an MTC device and an MTC-Interworking Function (MTC-IWF) generate a shared key KIWF on the basis of a GBA procedure, the MTC device and a bootstrapping server (BSF) performing AKA authentication: a home subscriber server (HSS) determines whether the MTC device belongs to the MTC device group and whether said device has small data transmission and reception capabilities; if said device belongs to said group and has said capabilities, an AKA authentication vector generated on the basis of the MTC device group key is sent to said BSF; the BSF carries out AKA authentication with the MTC device on the basis of the received AKA authentication vector. Also disclosed is a system for secure transmission of small data of an MTC device group.

Abstract: Disclosed in an embodiment of the present invention is a method of establishing a small data secure transmission connection for an MTC device group, comprising: after receiving authentication data request information, an HSS checks whether an MTC device belongs to the MTC device group, and generates authentication response data and a shared key between the MTC device and an MTC-IWF entity after determining that the MTC device belongs to the MTC device group; the authentication data request information is transmitted by an MME after receiving attachment request information transmitted by the MTC device; the HSS transmits to the MME the authentication response data and the auxiliary information used for generating a shared key, and transmits to the MTC-IWF entity the identifier information of the MTC device group and the shared key; the authentication response data is used to conduct mutual authentication on the MME and the MTC device, such that the MTC device generates a shared key between the MTC device and t

Abstract: Disclosed is a method for secure transmission of small data of a machine type communication (MTC) device group, comprising a process wherein an MTC device and an MTC-Interworking Function (MTC-IWF) generate a shared key KIWF on the basis of a GBA procedure, the MTC device and a bootstrapping server (BSF) performing AKA authentication: a home subscriber server (HSS) determines whether the MTC device belongs to the MTC device group and whether said device has small data transmission and reception capabilities; if said device belongs to said group and has said capabilities, an AKA authentication vector generated on the basis of the MTC device group key is sent to said BSF; the BSF carries out AKA authentication with the MTC device on the basis of the received AKA authentication vector. Also disclosed is a system for secure transmission of small data of an MTC device group.

Abstract: Provided is a SIP-based method for secure communication between MTC devices, including that an SIP server establishes a secure connection with a source MTC device and a secure connection with a target MTC device respectively through a GBA manner or a GBA-push manner, the SIP server generates an application layer session key, sends the application layer session key to the source MTC device through the secure connection between the SIP server and the source MTC device, and sends the application layer session key to the target MTC through the secure connection between the SIP server and the target MTC device. A SIP-based system and apparatus for secure communication between MTC devices are also provided. The establishment of a secure connection between MTC devices based on an SIP protocol can be implemented.

Abstract: A method for realizing secure communication between machine type communication devices and a network entity, the method includes: creating, by a network entity, an MTC device group for a directly-communicating MTC device, and saving MTC device group information corresponding to the MTC device group and MTC device information of an MTC devices contained in the MTC device group, herein the MTC device group information includes MTC device group identification information and MTC device group key information; and sending, by the network entity, the MTC device group information of the MTC device group, to which the MTC device belongs, to the MTC device.

Abstract: The disclosure discloses a method for triggering a Machine Type Communication (MTC) device, where an SGSN/MME receives a trigger from an MTC-IWF, and determines that the MTC device is in an unattached state and the MTC device is in a communication window of the MTC device; when the MTC device gets attached to the network before expiration of the communication window, the SGSN/MME sends the trigger to the MTC device; or when the MTC device fails to get attached to the network before expiration of the communication window, the SGSN/MME sends a trigger transmission report to the MTC-IWF, such that the MTC-IWF saves the trigger by sending the trigger to an SMS-SC, and forwards the trigger transmission report to an MTC server initiating the trigger. The disclosure further discloses a system for triggering an MTC device corresponding to the method. With the disclosure, an MTC device in an unattached state can be triggered.

Abstract: The disclosure discloses a method and apparatus for binding a UICC and an MTC device to solve a problem of restriction to a binding relationship imposed by a life cycle of a pre-shared key Ks_local when binding of the MTC device and the UICC is implemented by way of GBA-U. With the disclosure, after a binding relationship between the MTC device and the UICC is established on the UICC, when a stored key shared by the MTC device and the UICC expires, a key Ks_local shared by the UICC and the MTC device can be re-established through a process of establishing the shared key Ks_local based on the GBA-U according to the established binding relationship, such that the binding relationship between the UICC and the MTC device is not restricted by the life cycle of a shared key Ks_local.

Abstract: The disclosure discloses a key sharing method for a Machine Type Communication (MTC) server, wherein when establishing a safe connection and performs safe communications with a first MTC server via a Generic Bootstrapping Architecture (GBA) process, an MTC device may send a second MTC server a request message containing a bootstrapping identifier (B-TID) currently used by the MTC device and the first MTC server and a host identifier NAF-ID1 of the first MTC server; the second MTC server sends a Bootstrapping Server Function (BSF) an authentication request containing a host identifier NAF-ID2 of the second MTC server, the B-TID, and NAF-ID; after verifying the validity of NAF-ID2 and NAF-ID1, the BSF generates a session key KNAF according to the B-TID and the NAF-ID1, and sends the generated KNAF to the second MTC server. Accordingly, the disclosure further discloses a key sharing system for an MTC server.

Abstract: A method for binding a Machine Type Communication (MTC) device and a Universal Integrated Circuit Card (UICC) is disclosed. The method includes: during a process of establishment of a shared key, a Network Application Function (NAF) acquires identity information of the MTC device and identity information of the UICC (101); the NAF establishes a binding relationship between the MTC device and the UICC based on the identity information of the MTC device and the identity information of the UICC, and stores the binding relationship into a binding relationship table stored by the NAF (102).

Abstract: Provided is a SIP-based method for secure communication between MTC devices, including that an SIP server establishes a secure connection with a source MTC device and a secure connection with a target MTC device respectively through a GBA manner or a GBA-push manner, the SIP server generates an application layer session key, sends the application layer session key to the source MTC device through the secure connection between the SIP server and the source MTC device, and sends the application layer session key to the target MTC through the secure connection between the SIP server and the target MTC device. A SIP-based system and apparatus for secure communication between MTC devices are also provided. The establishment of a secure connection between MTC devices based on an SIP protocol can be implemented.

Abstract: The disclosure provides a system, an apparatus and a method for triggering a roaming Machine Type Communication (MTC) device. The system comprises an MTC InterWorking Function (MTC-IWF) entity of a home network and an MTC-IWF entity of a visitor network, wherein the MTC-IWF entity of the home network is configured to receive the registration information reported by the roaming MTC device, and send the triggering request message to the MTC-IWF entity of the visitor network according to the registration information when receiving the triggering request message for triggering the roaming MTC device; and the MTC-IWF entity of the visitor network is configured to receive the triggering request message and trigger the roaming MTC device.

Abstract: The disclosure discloses a method for triggering a Machine Type Communication (MTC) device, where an SGSN/MME receives a trigger from an MTC-IWF, and determines that the MTC device is in an unattached state and the MTC device is in a communication window of the MTC device; when the MTC device gets attached to the network before expiration of the communication window, the SGSN/MME sends the trigger to the MTC device; or when the MTC device fails to get attached to the network before expiration of the communication window, the SGSN/MME sends a trigger transmission report to the MTC-IWF, such that the MTC-IWF saves the trigger by sending the trigger to an SMS-SC, and forwards the trigger transmission report to an MTC server initiating the trigger. The disclosure further discloses a system for triggering an MTC device corresponding to the method. With the disclosure, an MTC device in an unattached state can be triggered.

Abstract: The disclosure discloses a method and apparatus for binding a UICC and an MTC device to solve a problem of restriction to a binding relationship imposed by a life cycle of a pre-shared key Ks_local when binding of the MTC device and the UICC is implemented by way of GBA-U. With the disclosure, after a binding relationship between the MTC device and the UICC is established on the UICC, when a stored key shared by the MTC device and the UICC expires, a key Ks_local shared by the UICC and the MTC device can be re-established through a process of establishing the shared key Ks_local based on the GBA-U according to the established binding relationship, such that the binding relationship between the UICC and the MTC device is not restricted by the life cycle of a shared key Ks_local.

Abstract: A method for binding a Machine Type Communication (MTC) device and a Universal Integrated Circuit Card (UICC) is disclosed. The method includes: during a process of establishment of a shared key, a Network Application Function (NAF) acquires identity information of the MTC device and identity information of the UICC (101); the NAF establishes a binding relationship between the MTC device and the UICC based on the identity information of the MTC device and the identity information of the UICC, and stores the binding relationship into a binding relationship table stored by the NAF (102).

Abstract: The present invention discloses a key distribution method and system, and the method includes: a card issuer management platform generating initial keys of a supplementary security domain corresponding to an application provider, importing the initial keys and a Trust Point's public key for external authentication to the supplementary security domain, and sending the information of the supplementary security domain and the initial keys to the application provider management platform (202); the application provider management platform receiving the information of the supplementary security domain and the initial keys, and selecting the supplementary security domain of the smart card by a service terminal according to the information of the supplementary security domain and the initial keys (204); the application provider management platform generating a public key and a private key of the supplementary security domain as well as a certificate of the supplementary security domain, and encrypting the public key